VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents....

playwright

53.8M/wk 0 tools GitHub npm

No known CVEs

No license

Actively maintained

Last commit 6d ago

Works with most clients

Transport: stdio, sse

0 tools

Grade F

Edit this pageView history

Security Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-kota1026-vaultguard-mcp": {
      "args": [
        "-y",
        "playwright"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-kota1026-vaultguard-mcp)](https://mcppedia.org/s/io-github-kota1026-vaultguard-mcp)

Read me

What VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... does

Post-quantum asset protection protocol for Ethereum using NIST-standardized cryptography

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'playwright' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

53/100across 5 weighted dimensions

How we score →

0255075100

−47

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

CVE-2025-59288medium · fixedCVSS 4

Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate

### Summary Use of `curl` with the `-k` (or `--insecure`) flag in installer scripts allows attackers to deliver arbitrary executables via Man-in-the-Middle (MitM) attacks. This can lead to full system compromise, as the downloaded files are installed as privileged applications. ### Details The following scripts in the `microsoft/playwright` repository at commit [`bee11cbc28f24bd18e726163d0b9b1571b4f26a8`](https://github.com/microsoft/playwright/commit/bee11cbc28f24bd18e726163d0b9b1571b4f26a8) u

Affected: >= 0Fixed in 1.55.1source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... safe to use?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents....?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents....?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... actively maintained?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... is actively maintained — last commit was 6 days ago.

Similar servers

Others in security / finance

View all →

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Investor Agent93

A Model Context Protocol server for building an investor agent

329 7

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

MCP Security Weekly

Get CVE alerts and security updates for VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security Finance

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-kota1026-vaultguard-mcp": {
      "args": [
        "-y",
        "playwright"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-kota1026-vaultguard-mcp)](https://mcppedia.org/s/io-github-kota1026-vaultguard-mcp)

Read me

What VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... does

Post-quantum asset protection protocol for Ethereum using NIST-standardized cryptography

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'playwright' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Quantum Shield

Post-quantum asset protection protocol for Ethereum using NIST-standardized cryptography

What is Quantum Shield?

Quantum Shield protects smart contract assets against quantum computing threats using NIST FIPS 204 (ML-DSA/Dilithium) and FIPS 205 (SLH-DSA/SPHINCS+) dual post-quantum signatures, combined with a decentralized Prover Pool, VRF-based selection, and time-locked custody.

Key Features

Dual PQC Signatures — ML-DSA-65 + SLH-DSA for defense-in-depth
Prover Pool — Decentralized verification with stake-weighted selection via VRF
Time-Locked Custody — 24h normal unlock, 7-day emergency path with bond
Observer Network — Independent challenge system with quadratic slashing
On-Chain Governance — veQS token voting, security council, insurance fund
11 Sub-Applications — Consumer, Prover, Observer, Explorer, Enterprise, Governance, Admin

Architecture

┌─────────────────────────────────────────────────────────────────┐
│  Frontend (Next.js 15)         11 apps, 136 routes, ja/en i18n │
├─────────────────────────────────────────────────────────────────┤
│  Backend API (Rust/Axum)       REST API, SIWE auth, Auto-Claim │
├──────────────────┬──────────────────────────────────────────────┤
│  L1: Sepolia     │  L3: Arbitrum Sepolia                       │
│  • Vault         │  • CoreLayer    • Governor                  │
│  • ProverRegistry│  • veQS         • RewardRouter              │
│  • SPHINCS+ Vfy  │  • QSToken      • InsuranceFund             │
└──────────────────┴──────────────────────────────────────────────┘

9 Core Sequences

#	Flow	Path
1	Consumer Lock	Frontend → API → DB → L1 Vault
2	Normal Unlock	24h timelock → Prover verification → L1 claim
3	Emergency Unlock	Bond deposit → 7-day lock → Emergency path
4	Prover Registration	Stake → VRF selection → Proof generation
5	Observer Challenge	Monitor → Challenge → VRF arbitration
6	Slashing	Quadratic penalty → L1 ProverRegistry
7	Governance	veQS voting → Proposal execution on L3
8	Emergency Pause	Security council → L1 pause
9	Token Hub	Stake QS → veQS → Rewards

Tech Stack

Layer	Technology
Frontend	Next.js 15, TypeScript, Tailwind CSS, Wagmi, RainbowKit
Backend	Rust, Axum, PostgreSQL, Redis, RabbitMQ
Contracts	Solidity 0.8.24 (Foundry), deployed to Sepolia + Arbitrum Sepolia
Cryptography	NIST FIPS 204 (ML-DSA-65), FIPS 205 (SLH-DSA), SHA3-256
SDK	WASM (Rust → wasm-pack), npm-publishable
Testing	Playwright (E2E), Vitest, cargo test, Foundry forge test

Deployed Contracts

L1: Ethereum Sepolia

Contract	Address
Vault	`0x07012aeF87C6E423c32F2f8eaF81762f63337260`
ProverRegistry	`0x08e1fc1A0d614bc132B48950760c7A291cCB8946`
SPHINCS+ Verifier	`0xD090b5A627d9bd6D96a8b5f6F504ebCa79980103`

L3: Arbitrum Sepolia (12 contracts)

Contract	Address
CoreLayer	`0xb04F4DFe093dC80420117EDC8300f5EB6F6EDBf0`
veQS	`0xE72dFa97C9E452dC0b8E6aa026c910D21B20fCAE`
Governor	`0xe93b8129DC3dBD48E5d78C5A4C156DD1BFa8D65B`
QSToken	`0xBD66beBE19E664dF143da54808d746192e4f2ee2`

All L3 contracts verified on Sourcify.

Quick Start

Prerequisites

Docker & Docker Compose
Rust 1.75+ with cargo
Node.js 20+ with pnpm
Foundry (forge, anvil)

Development Setup

# 1. Start infrastructure
docker compose up -d postgres redis rabbitmq l3-node minio minio-init

# 2. Ru

... [View full README on GitHub](https://github.com/kota1026/quantum-shield#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

53/100across 5 weighted dimensions

How we score →

0255075100

−47

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

CVE-2025-59288medium · fixedCVSS 4

Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate

Affected: >= 0Fixed in 1.55.1source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... safe to use?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents....?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents....?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... actively maintained?: VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... is actively maintained — last commit was 6 days ago.

Similar servers

Others in security / finance

View all →

Alpha Vantage Mcp95

Real-time financial market data: stocks, forex, crypto, commodities, and economic indicators

158 3

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Investor Agent93

A Model Context Protocol server for building an investor agent

329 7

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

MCP Security Weekly

Get CVE alerts and security updates for VaultGuard MCP Server - Yearn V3 / DeFi vault security and analysis tools for AI coding agents.... and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?